This page is a chapter in the book AusPhotography Guide to Safer Computing.
You are taking a huge security risk by using passwords that are easy to guess or crack. There is an art to choosing a good password. While a good password may take longer to remember, it’s worth the effort to protect your computer desktop and your online accounts. Passwords are an integral part of overall security. A weak password is one of the vulnerabilities most frequently targeted by a cracker. This is even more important for your online banking, PayPal, eBay and other such accounts.
What are the most crackable passwords?
Never choose an easy-to-guess password. Anyone who knows you, or even a stranger, can easily find out information about you that can help to crack a password. Here are some examples of common BAD PASSWORD choices: significant other's name, children's names, birth date, pet's name, favorite sports team, mother's maiden name, town where you grew up. If you are currently using one of these passwords as your primary password, your personal information and all sensitive information to which you have access is NOT SECURE. Please change it!
Never reuse a password for something you care about. (It's fine to have a single password for low-security sites, such as for newspaper archive access.) Assume that all PINs can be easily broken and plan accordingly.
Never type a password you care about, such as for a bank account, into a non-SSL encrypted page. If your bank makes it possible to do that, complain to them. When they tell you that it is OK, don't believe them; they're wrong.
How do crackers steal passwords?
Crackers constantly scan the Internet to find computers with weak passwords, unpatched operating systems and vulnerable running programs. In about 20 minutes a single cracker can scan around 10,000 computers. Crackers use software tools that rapidly assess thousands of common passwords in order to gain access to different systems. Once a password is cracked, a cracker can usually access more accounts without your knowledge, such as email, Instant Messenger, online banking information and other personal and private information.
What are the basic rules for passwords?
Typically a good password must be 6-8 characters containing:
* At least four characters must be different
* 3 of the following 4 character types:
  * capitalized letter
  * lower case letter
  * non-alphanumeric symbol
Note: Use at least 14 characters for a Wireless access point encryption password.
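The rules above can be checked mechanically, and doing so shows why they are not enough on their own: a password built from a pet's name or birth year can satisfy every composition rule. The following is an added example, not part of the original chapter; it assumes that digits are the fourth character type, that 6 is a minimum length, and that the function names and sample personal details are hypothetical.

```python
import re

# Assumption: the rules list shows only three of its "4 character types";
# digits are taken to be the fourth.
CLASSES = {
    "capital letter": r"[A-Z]",
    "lower case letter": r"[a-z]",
    "digit": r"[0-9]",
    "symbol": r"[^A-Za-z0-9]",
}
# Look-alike substitutions undone before comparing with personal details.
LOOKALIKES = str.maketrans("@4031$5!", "aaoelssi")


def normalise(text):
    """Lower-case, undo look-alike substitutions, keep letters and digits only."""
    return re.sub(r"[^a-z0-9]", "", text.lower().translate(LOOKALIKES))


def check_password(password, personal_details=(), min_length=6):
    """Return a list of problems; an empty list means the password passes.

    Assumption: min_length=6 is the lower end of the chapter's "6-8 characters";
    pass min_length=14 for a wireless access point password.
    """
    problems = []
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    if len(set(password)) < 4:
        problems.append("fewer than four different characters")
    used = [name for name, pattern in CLASSES.items() if re.search(pattern, password)]
    if len(used) < 3:
        problems.append(f"only {len(used)} of 4 character types")
    # Bad-password check: does a personal detail survive inside the password,
    # even after symbol and number substitutions?
    squashed = normalise(password)
    for detail in personal_details:
        needle = normalise(detail)
        if len(needle) >= 3 and needle in squashed:
            problems.append(f"contains personal detail: {detail}")
    return problems


if __name__ == "__main__":
    # Constructed sample data: a pet's name and a birth year.
    details = ["Bella", "1987"]
    for candidate in ["aaaaaa", "bella1987", "B3ll@_1987", "m@11_rat"]:
        print(candidate, "->", check_password(candidate, details) or "passes")
```

Note that "B3ll@_1987" uses all four character types and still fails, because the pet's name and birth year remain recognisable once the substitutions are undone.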
What are some techniques for creating a strong password?
Use a word or phrase with meaning for you (so that it will be easy to remember), but mix it up by adding in symbols or numbers to increase the security of the password.
From a childhood verse: Verse Line: Yankee Doodle went to town
Expressions inspired by the name of a city: City Expression: I love Paris in the springtime
Or, even use a word with meaning for you such as:
m@11_rat (mall rat)
How often should I change my password?
We recommend that you change your password at least twice per year, and every 90 days is better.